Kaspersky Lab experts have discovered a new malicious application on the Google Play store titled “Guide for Pokémon Go” which has been downloaded more than 500,000 times, with at least 6,000 successful infections.
Monthly Archives: September 2016
Microsoft and Adobe Rolls Out Critical Security Updates – Patch Now!
In BriefYou should not miss this month’s Patch Updates, as it brings fixes for critical issues in Adobe Flash Player, iOS, Xcode, the Apple Watch, Windows, Internet Explorer, and the Edge browser.
Adobe has rolled out a critical update to address several issues, most of which are Remote Code Execution flaws, in its widely-used Adobe Flash Player for Windows, Macintosh, Linux and ChromeOS.
Suspicious Microsoft Publisher Mail Attachment
Microsoft Office Publisher files might contain a malicious downloader. A remote attacker could send spam e-mails including those downloaders, and use social engineering in order to convince users to manually enable them. This would allow the malicious code to run and infect the target system.
Adobe Flash Player Memory Corruption (APSB16-29: CVE-2016-4281; CVE-2016-4281)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file.
MySQL Remote Root Code Execution (CVE-2016-6662)
A code execution vulnerability exists in MySQL database server. Successful exploitation could allow a remote attacker to shut down the database, modify its content, or execute arbitrary code on the affected servers.
Bugtraq: ESA-2016-104: EMC ViPR SRM Multiple Vulnerabilities
ESA-2016-104: EMC ViPR SRM Multiple Vulnerabilities
Bugtraq: ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability
ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability
Bugtraq: [security bulletin] HPSBGN03572 rev.1 – HPE Performance Center, Remote User Validation Failure
[security bulletin] HPSBGN03572 rev.1 – HPE Performance Center, Remote User Validation Failure
Bugtraq: [security bulletin] HPSBST03640 rev.1 – HP XP7 Command View Advance Edition Suite (CVAE) using Replication Manager (RepMgr) and Device Manager (DevMgr), Local Access Restriction Bypass
[security bulletin] HPSBST03640 rev.1 – HP XP7 Command View Advance Edition Suite (CVAE) using Replication Manager (RepMgr) and Device Manager (DevMgr), Local Access Restriction Bypass
RHSA-2016:1858-1: Moderate: ruby193-rubygem-actionpack security update
Red Hat Enterprise Linux: An update for ruby193-rubygem-actionpack is now available for Red Hat Software
Collections.
Red Hat Product Security has rated this update as having a security impact of
Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a
detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.
CVE-2016-6316